1. Field of the Invention
The present invention relates to a system and method for reducing risk to a firm and a firm program and, more particularly, to reducing risk and improving yield or performance by considering firm strategic intent, program phase, and integrated visuals.
2. Description of the Related Art
Projects and programs of a firm or company (or any enterprise) involve many elements that must come together in an precise fashion in order to meet cost, time, and technical requirements. To assist in the management of these projects, both small and large, and simple and complex, conventional risk management methods are applied to the project to reduce or mitigate risk. In general, conventional risk management identifies project elements which pose the greatest risk to cost, schedule, and technical performance and then produces a plan to mitigate the risk. On a larger scale, traditional risk management is used by a firm to ensure that each program, as a whole, is a low, moderate, or high risk to the firm.
Traditional risk management methods, however, have many shortcomings and, often times, have the unintended result of increasing risk to the project and/or the firm. These adverse results are magnified by the complexity of a project.
Traditional risk management identifies elements in a particular project that are or are potentially a problem or a risk. An Element is a risk if there is any likelihood that the item will not perform as planned as it relates to cost, schedule, and/or technical performance. In other words, if there is a delta between the plan and what is believed will actually happen, then that element is considered a risk.
Once the risk element is identified the risk is graded or quantified, i.e., a risk score is produced. There are two grading factors used to quantify the risk associated with the risk element. The first grading factor is likelihood, which measures, by five levels, the likelihood or probability that the risk will happen. Likelihood level one is associated with the least likelihood and likelihood level five being associated with the most likelihood. The second grading factor is consequence, which measures, by levels, the magnitude of the impact of the risk, if realized, against cost, schedule, and technical performance. Cost, schedule and technical performance are referred to as consequence factors. Consequence level one is associated with the least impact and consequence level five is associated with the most impact. Each risk element will have three risk scores, representing combination of likelihood and consequence levels for cost, schedule and technical performance.
The three risk scores are each transferred into risk assessment values via an traditional risk management risk assessment guide and assigned a risk assessment rank. The transformation of risk scores to particular risk assessment rank is predefined by the risk assessment guide. Traditional risk assessment guides rank risk as high, moderate and low. The transformation is often achieved via a stop-light chart where each grid unit on the chart is predefined to correspond to either high, moderate or low risk rank.
Of the risk element's three risk ranks, only the highest risk rank, referred to as the primary driver, is selected for mitigation. The primary driver of each risk element is plotted on the stop-light chart. The program itself is given a program risk rating, based on the risk rank of a majority of plots and a mitigation plan is produced. The mitigation plan develops possible plans to reduce risk associated with each primary driver and may also address secondary drivers.
A weakness of traditional risk management is that the resulting risk assessment and mitigation plans are often times at odds with the firm or the project. For example, if a firm is designing a new camera, traditional risk management identifies that it is likely that the design of a shutter (risk element) will be behind schedule (due to a very complex and novel design). A typical result of traditional risk management would be an assessment rank of high. The typical mitigation plan would be to use an existing shutter design so as to keep the shutter design on schedule and avoid high risk. However, in doing so, the firm will have a camera that lacks a new and innovative shutter design (which may have been one of the primary original goals of the development program). This action, of canceling a high risk item would put the firm at risk with an inferior or dated camera design in a highly competitive marketplace that values innovation. While traditional risk management methods reduce the risk to the project it actually increases the risk to the firm.
Another weakness of traditional risk management is the definition of risk, (i.e., any delta between plan and likely result) produces risk management results that are unwarranted or incorrect. For example, if an element is unexpectedly delayed by the firm, e.g., an opportunity to license an existing novel shutter design is available, traditional risk management will identify the element as a risk to schedule and design and implement a mitigation plan. Yet, the element, while at risk for not meeting schedule, is not really a risk and mitigation is not needed. In addition, this weakness is also magnified for programs where the plan and result is difficult to measure, such as when plan is vague, by design, such as, for instance, in developmental programs where ending points are difficult to determine, where results difficult to quantify, and where incremental costs are difficult to determine.
Another weakness of traditional risk management is that it, often times, fails to identify risk to an element. For instance, in our example, the shutter component is encapsulated by a case component and therefore the case component has a longer design lead time since the subsequent design of the case must wait for the final design of the shutter. The case design is dependent on the shutter design. However, traditional risk management either fails to identify the case design as a risk or gives the case design a low risk score, in either case an incorrect risk identification.
Another weakness of traditional risk management is that it treats or rates cost, schedule and technical performance as the same priority, weight, and/or importance. For instance, in the example, assume the case item is low risk on schedule and assume that the company cannot afford any slip in schedule, even to the detriment of cost and/or technical performance. Thus, a small slip in schedule threatens the project and, in fact, the company. A typical situation for small firms seeking funding who must prove the existence of a sample product prior to its full performance. Thus, in reality, the case item should be the high risk item. Traditional risk management has no way to distinguish that schedule should be given more importance than cost and/or technical performance.
Another weakness of traditional risk management is that it has no technique for identifying, assessing or depicting magnitude and direction of risks (i.e., is the risk getting worse, is the risk getting better), where worse and better are related to need and magnitude and ultimately related to the total value of its contribution.
Another weakness of traditional risk management is that it has no way to directly consider the issue of quality. Traditionally, any issue of quality simply is consolidated into technical performance without making a distinction between technical performance and quality where quality is defined as adherence to design goals. Often, due to this consolidation of quality with other technical parameters, traditional risk management erroneously rates risk items and increases organizational risk rather than reducing it. For example: It is possible that our camera company has an impending merger which is partially dependant on the introduction of this new, low cost, light weight, high performance shutter camera. A slip in quality in any component would traditionally be rated as high risk, but a slip in quality (which is typical with a new cutting edge design) may actually be acceptable and in fact desirable in comparison to a slip in schedule or mediocre technical performance in order to obtain the benefits of the merger. Traditional risk management would simply view the case of quality as a technical performance aspect and rate it accordingly. In addition, by consolidating quality and technical performance, traditional risk management assessment of technical performance is biased by the inclusion of quality. In this example, a traditional view of good and bad are reversed, and poor quality is acceptable. Traditional risk management has no facility for accommodating these counter-intuitive requirements. This is an example of strategic goals taking priority over cost, schedule or technical measures.
Another weakness of traditional risk management is that is produces unwarranted and incorrect assessments and mitigation plans for programs that do not measure success by the traditional consequence factors of cost, schedule and technical performance. For example, projects in the pharmaceutical, high-tech software and hardware, medical, industrial and entertainment fields do not necessarily measure success by cost, schedule and technical performance.
Another weakness of traditional risk management is that it produces unwarranted and/or incorrect results at the program level. For example, a project in the early research and development stage will most likely be over cost, behind schedule, and over margin for technical performance, thereby garnering a high project risk rating. Conversely, a project in the later stages of manufacture are usually on schedule, on cost, and within margin, thereby garnering a low project risk rating. Based on these traditional ratings, the firm would cancel the program in the early stage and allow the project in a mature manufacturing stage or declining to continue. Yet, in the early stage, many programs that are high risk are actually satisfactory to the firm and do not require mitigation. Conversely, programs in the later stage that are ranked low risk will never be scrutinized and yet they may be high risk to the company, e.g., a waste of resources.
Another weakness of traditional risk management is that it produces unwarranted and/or incorrect results for programs that have a high rate of failure. For example, in the pharmaceutical industry, it takes approximately six thousand raw and developmental ideas and projects resulting in failure to create one successful result (a new accepted drug). Because the stated goal for each of these programs is to create a successful result, traditional risk management rates them all as a high risk to technical performance, cost, and schedule. Traditionally, risk management advocates that a program rated at such a high risk be cancelled, re-defined or not considered, or at the least very strictly monitored. Yet, the pharmaceutical industry must embrace these “failures” in order to achieve the one success and any overly strict monitoring would hinder the creative process and ultimately often conscript the resources and shut it down.
As the business and engineering environments become increasingly more complex and interdependent, the application of traditional risk management increases risk to a project and/or the firm. Thus, an improved risk management tool is needed.